How To Fix CVE-2021-35003(4)- A Remote Code Execution Vulnerability On TP-Link Products

There are a couple of vulnerabilities were discovered on a couple of TP-Link products. The vulnerabilities identified as CVE-2021-35003 and CVE-2021-35004 are rated Critical & High and assigned CVSS scores of 9.8 & 8.8. It is worth knowing about the vulnerabilities as these flaws allow There are a couple of vulnerabilities discovered in a couple of TP-Link products. The vulnerabilities identified as CVE-2021-35003 and CVE-2021-35004 are rated Critical & High and assigned CVSS scores of 9.8 & 8.8. The vulnerabilities are worth knowing as these flaws allow attackers to execute code with the highest privileges from remote. We have created this post to create awareness about these vulnerabilities and want our readers to know how to fix them up. Let’s see How to Fix CVE-2021-35003(4)- A Remote Code Execution vulnerability in TP-Link Products.

Summary Of The CVE-2021-35003:

The flaw is due to improper handling of DNS requests. A specially crafted DNS message can trigger an overflow of a fixed length. This caused a stack buffer overflow. An attacker can exploit this stack buffer overflow vulnerability to execute code with root privileges from the remote.

In other words, we could say that this vulnerability could let remote attackers execute arbitrary code without authentication in the affected TP-Link product.

Since this vulnerability affects TP-Link Archer C90 1.0.6 Build 20200114 rel.73164(5553) WiFi routers, we recommend all the users of TP-Link Archer C90 AC1900 WiFi router to verify the build information and fix the CVE-2021-35003 vulnerability as soon as possible.

Summary Of The CVE-2021-35004:

The flaw is due to improper handling of DNS requests. A specially crafted DNS message can trigger an overflow of a fixed length. This caused a stack buffer overflow. An attacker can exploit this stack buffer overflow vulnerability to execute code with root privileges from the remote.

In other words, we could say that this vulnerability could let remote attackers execute arbitrary code without authentication in the affected TP-Link product.

Since this vulnerability affects TP-Link TL-WA1201 1.0.1 Build 20200709 rel.66244(5553) wireless access points, we recommend all the users of TP-LinkTL-WA1201 wireless access points to verify the build information and fix the CVE-2021-35004 vulnerability as soon as possible.

How To Fix CVE-2021-35003(4)- A Remote Code Execution Vulnerability On TP-Link Products?

The only possible way to fix CVE-2021-35003( & CVE-2021-350034 buffer overflow and RCE vulnerabilities is to upgrade the firmware of your TP-Link products to the latest version. TP-Link has fixed these vulnerabilities by rolling out new firmware updates. Let’s see how to fix CVE-2021-35003 and CVE-2021-35004 in the TP-Link Archer C90 AC1900 WiFi Router and TP-LinkTL-WA1201 wireless access points, respectively.

How To Fix CVE-2021-35003 On TP-Link Archer C90 AC1900 WiFi Router?

All the firmware v6 and below are affected by the vulnerability. Upgrade your TP-Link Archer C90 AC1900 WiFi Router firmware to v6 and above to fix the CVE-2021-35003 vulnerability. Please download the firmware from https://www.tp-link.com/us/support/download/archer-c90/#Firmware.

How to Fix CVE-2021-35004 on the TP-LinkTL-WA1201 wireless access point?

All the firmware v2 and below are affected by the vulnerability. Upgrade your firmware of TP-LinkTL-WA1201 wireless access point to v2 and above fix the CVE-2021-35004 vulnerability. Please download the firmware from https://www.tp-link.com/us/support/download/tl-wa1201/#Firmware.

However, before you start upgrading the firmware process, we need you to read these IMPORTANT points.

How To Upgrade Firmware On TP-Link Router And Access Point?

Step 1. Download the latest firmware version for your device

Go to the download center for your Region on the TP-Link website. Then, select your product from the drop-down list.  Choose the correct hardware version, and click on ‘Firmware’.  A list of available firmware will be shown.

Step 2. Extract the downloaded file

Use WinZip or WinRar applications and extract the Zip file.

Step 3. Login to the TP-Link device web management page

Router:
Connect your computer, phone, or tab to the TP-Link router either by Wired or Wirelessly. Open the browser and type “http://tplinkwifi.net” in the address bar to access the web management page. Visit this page for more details.

Extender or Access Point:
Connect your computer, phone, or tab to the TP-Link access point either. Open the browser and type“192.168.0.254” or the domain name “tplinkrepeater.net” in the address bar to access the web management page. Visit this page for more details.

Step 4. Upgrade the Firmware of the TP-Link device

Router:

1. Click on System Tools-Firmware Upgrade (or Firmware).2. Click on Browse/Choose File and choose the extracted file.3. Click the Upgrade button.  The device will reboot to complete the process.Note: Sometimes you may lose your router to factory settings. Run the Quick Setup Wizard to reconfigure your TP-Link router.  Visit here for more details.


Access Point:

1. Click System Tools–Backup & Restore, and save the current settings to a location. It is recommended to take a backup of your access points settings because you may lose all your setting in this process.2. Click on System Tools–Firmware Upgrade.
3. Click on Browse button and choose the extracted file.4. Click the Upgrade button. The device will reboot to complete the process. Visit here for more details.

We hope this post will help you know How to Fix CVE-2021-35003(4)- A Remote Code Execution Vulnerability on TP-Link Products. Thanks for reading this threat post. Please share this post and help to secure the digital world. Visit our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, & Medium and subscribe to receive updates like this.